fxwinning-login-acess.ga Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

24 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fxwinning-login-acess.ga/	149 KB 29 KB	117ms 60ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.24 Resource Hash d5d3983c51e2ed3da3b65c59991914a5421d04d079a84d3304d799e439b1da21 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 76fe21272cb1b945-AMS content-encoding br content-type text/html; charset=UTF-8 date Fri, 25 Nov 2022 23:22:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} platform hostinger report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zygPCG%2B7dguDjs7cQYVq2o2eTi6295QaHrEfUl1mPInASBCPvrOPHnbozisv3gOWpev%2FRtp3jWKUA3hIuwiY%2FGQ%2FOdP9yx%2Ftff98YghhOmiY7A%2FN8Wl7w%2FFtk7d9df0t20hVZEbXzCL6%2F8glzUNG0u8i4sWoSnw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/8.0.24 x-turbo-charged-by LiteSpeed
GET H2	200	font-awesome.min.css www.qflor.com.br/wp-content/plugins/woocommerce-ajax-filters/berocket/assets/css/	30 KB 7 KB	473ms 98ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/woocommerce-ajax-filters/berocket/assets/css/font-awesome.min.css?ver=5.9.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 503a0cce4bc611917aea2513bab95a98100599d5072946eedc0d4ce7b859303e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:11 GMT server nginx etag "7844-5e56f35da6ecd-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 7009
GET H2	200	blocks.style.build.css www.qflor.com.br/wp-content/plugins/genesis-blocks/dist/	45 KB 7 KB	665ms 290ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/genesis-blocks/dist/blocks.style.build.css?ver=1659640697 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 713b008aac6b77c51965a613042eb8bfca3be004146f1c9514922833c3a09d6f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:17 GMT server nginx etag "b21f-5e56f363f637f-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 6712
GET H2	200	fullmain.min.css www.qflor.com.br/wp-content/plugins/woocommerce-ajax-filters/assets/frontend/css/	149 KB 19 KB	570ms 195ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/woocommerce-ajax-filters/assets/frontend/css/fullmain.min.css?ver=1.6.3.1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 383a1396d5b6de56f357223bb468d0cfc4287b3b7815f22052892a508ac912b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:11 GMT server nginx etag "254ed-5e56f35da9dad-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 18736
GET H2	200	style.css www.qflor.com.br/wp-content/themes/qflor/	31 KB 7 KB	566ms 191ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/themes/qflor/style.css?ver=3.0.1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 08ce3da9049e6d646b111e203ecfd355a46874d34ff6a651715c57f713e9fa24 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 21 Sep 2021 13:39:03 GMT server nginx etag "7a31-5cc818552fbf1-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 6986
GET H2	200	style.min.css c0.wp.com/c/5.9.5/wp-includes/css/dist/block-library/	81 KB 11 KB	96ms 25ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9.5/wp-includes/css/dist/block-library/style.min.css Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Wed, 30 Mar 2022 11:30:25 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	mediaelementplayer-legacy.min.css c0.wp.com/c/5.9.5/wp-includes/js/mediaelement/	11 KB 2 KB	96ms 25ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9.5/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 29 Sep 2020 15:53:06 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	wp-mediaelement.min.css c0.wp.com/c/5.9.5/wp-includes/js/mediaelement/	4 KB 1 KB	97ms 26ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9.5/wp-includes/js/mediaelement/wp-mediaelement.min.css Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Fri, 07 Jun 2019 20:45:02 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	wc-blocks-vendors-style.css c0.wp.com/p/woocommerce/6.8.0/packages/woocommerce-blocks/build/	5 KB 1 KB	97ms 27ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/woocommerce/6.8.0/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 18 Jan 2022 21:24:33 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	wc-blocks-style.css c0.wp.com/p/woocommerce/6.8.0/packages/woocommerce-blocks/build/	205 KB 20 KB	97ms 27ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/woocommerce/6.8.0/packages/woocommerce-blocks/build/wc-blocks-style.css Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash f3ddaf2e45a19650e8f47a163e4955e467e74803f6d20c3dbde53ce96dbdd476 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 26 Jul 2022 03:28:45 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	jquery.selectBox.css www.qflor.com.br/wp-content/plugins/yith-woocommerce-wishlist/assets/css/	3 KB 1 KB	568ms 194ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash d589803f3ab380582ab137b22493c2bacaa92424fa88cee212e80288cac11fbb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:35 GMT server nginx etag "a46-5e56f37534713-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 812
GET H2	200	font-awesome.css www.qflor.com.br/wp-content/plugins/yith-woocommerce-wishlist/assets/css/	30 KB 7 KB	567ms 194ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 73835f9dd494931cd0562ab2d4db8aaf3d54dca375abade1794ad1a12ae0d97c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:35 GMT server nginx etag "778b-5e56f37534713-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 6968
GET H2	200	prettyPhoto.css www.qflor.com.br/wp-content/plugins/woocommerce/assets/css/	9 KB 2 KB	664ms 290ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 9097a2c579616889e829be95554ebf90ec5900045f4d2282cce31d5a999acc03 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:51:45 GMT server nginx etag "2441-5e6d3e905ef3c-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2034
GET H2	200	style.css www.qflor.com.br/wp-content/plugins/yith-woocommerce-wishlist/assets/css/	29 KB 5 KB	663ms 289ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.12.0 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 3e61990964ebd31443be4e6598163ebd71b73b139c42d52547b8a290f7d059ca Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:35 GMT server nginx etag "7299-5e56f37534713-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 4857
GET H2	200	frontend.css www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/css/	65 KB 10 KB	664ms 291ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/css/frontend.css?ver=5.3.3 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 8a4e064abda3d1c4407bbec78b57e195ec72ede4a8de85583cb948302f92dc31 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:53:26 GMT server nginx etag "10338-5e6d3ef08bf8e-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 9561
GET H2	200	badges.css www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/css/	17 KB 3 KB	763ms 390ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/css/badges.css?ver=5.3.3 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash b6448db393306d5c47023c2ba05b1832a9e7440340aa72dcfc17e35835ca22c9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:53:26 GMT server nginx etag "4426-5e6d3ef08bf8e-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2840
GET H2	200	styles.css www.qflor.com.br/wp-content/plugins/contact-form-7/includes/css/	3 KB 1 KB	760ms 387ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:53:22 GMT server nginx etag "aab-5e6d3eeca6dd8-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 972
GET H2	200	style.css www.qflor.com.br/wp-content/plugins/woocommerce-product-image-flipper/assets/css/	1 KB 544 B	758ms 386ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/woocommerce-product-image-flipper/assets/css/style.css?ver=5.9.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 0872867a5f5a50310f3d30e2e16cf0f55391c7ef0d68047617db41e601cc09d9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 13 Jan 2021 21:11:28 GMT server nginx etag "4a4-5b8ce9521a579-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 331
GET H2	200	woocommerce-layout.css c0.wp.com/p/woocommerce/6.8.0/assets/css/	17 KB 2 KB	96ms 27ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/woocommerce/6.8.0/assets/css/woocommerce-layout.css Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 21 Dec 2021 19:24:57 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	woocommerce.css c0.wp.com/p/woocommerce/6.8.0/assets/css/	61 KB 8 KB	136ms 68ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/woocommerce/6.8.0/assets/css/woocommerce.css Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 21 Dec 2021 19:24:57 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	genesis-sample-woocommerce.css www.qflor.com.br/wp-content/themes/qflor/lib/woocommerce/	20 KB 4 KB	760ms 388ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/themes/qflor/lib/woocommerce/genesis-sample-woocommerce.css?ver=3.0.1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 0b84b80669cdbf1f4b1906ffc4ecdab1a20b0aa56c4e69efa382b6067afdabfd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 25 Nov 2020 20:28:54 GMT server nginx etag "51a8-5b4f446b19f46-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3508
GET H2	200	dashicons.min.css c0.wp.com/c/5.9.5/wp-includes/css/	58 KB 34 KB	136ms 68ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9.5/wp-includes/css/dashicons.min.css Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Wed, 03 Mar 2021 21:16:22 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	style.min.css www.qflor.com.br/wp-content/plugins/ajax-search-for-woocommerce/assets/css/	32 KB 6 KB	760ms 388ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.19.0 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 77ecbbe5fa7101dc1ebc9ebc5db361fe9b65e7dfadb805407247699affba6114 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:17 GMT server nginx etag "80e7-5e56f36338c22-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 5780
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	124ms 40ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C400i%2C600%2C700&display=swap&ver=3.0.1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 384c67e8d8a6190697a52339aacdcfc23a7b4f050a273a8b5c1ada4e00d78a5a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 25 Nov 2022 23:05:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 25 Nov 2022 23:22:59 GMT
GET H2	200	css fonts.googleapis.com/	6 KB 800 B	125ms 41ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=5.9.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 51e619d72d50b475a38860dc81a9b998672f3c1e839f6430b6a83aa179e7329c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 25 Nov 2022 23:22:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 25 Nov 2022 23:22:59 GMT
GET H2	200	front-end.css www.qflor.com.br/wp-content/themes/qflor/lib/gutenberg/	9 KB 2 KB	763ms 391ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/themes/qflor/lib/gutenberg/front-end.css?ver=3.0.1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash a8614178e3bde6ea06f87f73de1f36342fef87f7929af10195621def73d6a056 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 28 Nov 2019 14:19:15 GMT server nginx etag "226f-59868cc4a5ec0-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1841
GET H2	200	style.css www.qflor.com.br/wp-content/plugins/simple-social-icons/css/	1 KB 650 B	661ms 290ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.2 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:54:03 GMT server nginx etag "4cc-5e6d3f139be32-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 437
GET H2	200	joinchat.min.css www.qflor.com.br/wp-content/plugins/creame-whatsapp-me/public/css/	15 KB 4 KB	662ms 290ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.5.9 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e7185dc271d21dece807b0c07aab2bf5b0ccad030e46d9c3bf78b10f2803d5eb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:21 GMT server nginx etag "3ad2-5e56f3679adea-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 4125
GET H2	200	js_composer.min.css www.qflor.com.br/wp-content/plugins/js_composer/assets/css/	473 KB 45 KB	765ms 394ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash bf376bda577cabdec91f4e3f27597af77cb736bd548e87e987e1ee97e0549f1c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 13 Jan 2021 21:11:26 GMT server nginx etag "765f9-5b8ce950ab243-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 45758
GET H2	200	main.css www.qflor.com.br/wp-content/themes/qflor/assets/css/	130 KB 17 KB	764ms 394ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/css/main.css?ver=5.9.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 92c60a0f96887fa02c131fe297e5241bad10617ecea828f1ad855461ae557205 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 27 Jan 2021 22:30:33 GMT server nginx etag "20623-5b9e951c422fe-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 17576
GET H2	200	Defaults.css www.qflor.com.br/wp-content/uploads/smile_fonts/Defaults/	27 KB 5 KB	662ms 291ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.9.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 28 Nov 2019 14:19:30 GMT server nginx etag "6bf7-59868cd2f4080-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 4755
GET H2	200	ultimate.min.css www.qflor.com.br/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/	415 KB 45 KB	662ms 291ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ultimate.min.css?ver=3.16.7 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 3df3e45dba7aa51d92bceefae266fd902619207adfde8c38d638767174a6362c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 13 Jan 2021 21:11:27 GMT server nginx etag "67ad4-5b8ce9513ab38-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 46225
GET H2	200	active-styles.css www.qflor.com.br/wp-content/micro-themes/	811 B 543 B	661ms 291ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/micro-themes/active-styles.css?mts=131&ver=5.9.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 546063f828356d4ff309ae35b8597f0ee8334246e7b727e0f18ff8448d9897ef Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 06 Oct 2021 12:21:46 GMT server nginx etag "32b-5cdae3093fb64-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 330
GET H2	200	jetpack.css c0.wp.com/p/jetpack/11.2/css/	84 KB 15 KB	94ms 28ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/11.2/css/jetpack.css Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 19 Jul 2022 17:25:16 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	jquery.min.js Show response c0.wp.com/c/5.9.5/wp-includes/js/jquery/	87 KB 30 KB	135ms 69ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9.5/wp-includes/js/jquery/jquery.min.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Wed, 10 Mar 2021 15:07:24 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	jquery-migrate.min.js Show response c0.wp.com/c/5.9.5/wp-includes/js/jquery/	11 KB 4 KB	135ms 68ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9.5/wp-includes/js/jquery/jquery-migrate.min.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Wed, 18 Nov 2020 09:06:06 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	gtm4wp-woocommerce-enhanced.js Show response www.qflor.com.br/wp-content/plugins/duracelltomi-google-tag-manager/js/	40 KB 7 KB	762ms 392ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-woocommerce-enhanced.js?ver=1.16.1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash fea4158aa4e6096a3fbee8fc2115d4858dc276a8cbdc87cabc0424bbe88da6a1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:18 GMT server nginx etag "a19b-5e56f3647c033-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 7136
GET H2	200	jquery.blockUI.min.js Show response c0.wp.com/p/woocommerce/6.8.0/assets/js/jquery-blockui/	9 KB 3 KB	135ms 69ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/woocommerce/6.8.0/assets/js/jquery-blockui/jquery.blockUI.min.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash f4e38e5ef16efe51836cf7142412b8e1aa8b73ce89afed23be0cf77dfd8e095d Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 19 Jul 2022 19:16:40 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	add-to-cart.min.js Show response c0.wp.com/p/woocommerce/6.8.0/assets/js/frontend/	3 KB 1006 B	135ms 69ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/woocommerce/6.8.0/assets/js/frontend/add-to-cart.min.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 4ef2d5b0ef62523af87f3e13d8061449b2ddbfce07064f26b1305084abbf18f1 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 19 Jul 2022 19:16:40 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	woocommerce-add-to-cart.js Show response www.qflor.com.br/wp-content/plugins/js_composer/assets/js/vendors/	992 B 597 B	759ms 389ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.0.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 654aaebdea944313257827be97eb196a8218a2cdfc9ba399db23e2cd4c02bd79 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 13 Jan 2021 21:11:26 GMT server nginx etag "3e0-5b8ce950b1fa4-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 374
GET H2	200	s-202247.js Show response stats.wp.com/	9 KB 4 KB	600ms 24ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/s-202247.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br server nginx etag W/"62f6b688-2494" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 expires Mon, 20 Nov 2023 21:22:56 GMT
GET H2	200	wpm-public.p1.min.js Show response www.qflor.com.br/wp-content/plugins/woocommerce-google-adwords-conversion-tracking-tag/js/public/	79 KB 18 KB	763ms 393ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/woocommerce-google-adwords-conversion-tracking-tag/js/public/wpm-public.p1.min.js?ver=1.19.4 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 69572c144b88ddfe40dfafe029ef7b03c665ff6dce90037042e175d25f294bce Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:53:52 GMT server nginx etag "13af9-5e6d3f09a7f13-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 18661
GET H2	200	core.min.js Show response c0.wp.com/c/5.9.5/wp-includes/js/jquery/ui/	20 KB 6 KB	134ms 68ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9.5/wp-includes/js/jquery/ui/core.min.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Thu, 03 Feb 2022 00:04:02 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:22:59 GMT
GET H2	200	ultimate.min.js Show response www.qflor.com.br/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/	249 KB 57 KB	763ms 394ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate.min.js?ver=3.16.7 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 01027953c0684689105689d0a6e9786d3f4d89f950f1b0c4effeafc0ddbda7df Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 13 Jan 2021 21:11:27 GMT server nginx etag "3e4bc-5b8ce95134d77-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 57807
GET H2	200	js Show response www.googletagmanager.com/gtag/	112 KB 44 KB	683ms 107ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-172169982-2 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5b8eba4eba7dd6d82d2a1db240407ba94124ad86075ef67a2d240d5e06e1762c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 44702 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 25 Nov 2022 23:23:00 GMT
GET H2	404	icomoon.ttf fxwinning-login-acess.ga/assets/css/fonts/	0 0	61ms 59ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fxwinning-login-acess.ga/assets/css/fonts/icomoon.ttf Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:22:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 05 Jan 2021 12:14:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRfr0dyT%2B2CFxeBZ5kdeqAXCekcEPsWlEqArSF77GBsPHRY5yijNzsWBQh9G6GHxbLtRsWY5b0q3x0v9SItx0jeoU0XW91whH3woWL2mUU7CQ%2BmlaFtWO7nN7N8Hjl3TPA4pC0tRTmP2o%2BeTmwU2tKTNwrWQAO8%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 x-turbo-charged-by LiteSpeed platform hostinger cf-ray 76fe2127bd17b945-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	cropped-qflor-logo-icon-black.png i0.wp.com/www.qflor.com.br/wp-content/uploads/2019/12/	18 KB 18 KB	636ms 70ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2019/12/cropped-qflor-logo-icon-black.png?w=448&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 3066008bc2396aa28a3b7682277eabaf78a59b18a4a6e5d5d897ec2f344c5e49 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 5 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Tue, 22 Nov 2022 12:28:24 GMT server nginx etag "a3c1375ce773fc44" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2019/12/cropped-qflor-logo-icon-black.png>; rel="canonical" content-length 18002 expires Fri, 22 Nov 2024 00:28:24 GMT
GET H/1.1	200 OK	pollendrop.jpg www.pollendrop.com/images/uploads/videos/	120 KB 120 KB	641ms 36ms	Image image/jpeg	46.183.8.5 UK-34SP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.pollendrop.com/images/uploads/videos/pollendrop.jpg Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.183.8.5 , United Kingdom, ASN41357 (UK-34SP-AS, GB), Reverse DNS Software Apache / Resource Hash b9765a83b1b2bed7d6e79ac6b7dc81fa3dc5611e5a3d230dad2e5f6b33341457 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Fri, 25 Nov 2022 23:23:00 GMT Last-Modified Wed, 21 Nov 2018 21:50:32 GMT Server Apache ETag "1de35-57b33bd3d1a00" Content-Type image/jpeg Cache-Control max-age=2592000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 122421 Expires Sun, 25 Dec 2022 23:23:00 GMT
GET H2	200	logo.svg cdn.trustindex.io/assets/platform/Google/	2 KB 1 KB	610ms 35ms	Image image/svg+xml	2600:9000:20eb:9e00:9:1645:9cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.trustindex.io/assets/platform/Google/logo.svg Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9e00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash b1ab2881fa11a0b27041146e2dfe816a144bb5961df335703eb6dc924801c7de Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 04:22:20 GMT content-encoding gzip via 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 cross-origin-embedder-policy require-corp age 154840 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin referrer-policy origin last-modified Tue, 22 Feb 2022 22:43:27 GMT server Apache/2.4.29 (Ubuntu) etag W/"819-5d8a313da09a9" vary Accept-Encoding access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-headers origin, x-requested-with, content-type x-amz-cf-id rYel7b-q8Wvh_M3EovvnQU157-BN0fF1uF7dsXgsEvQj8gu3xWpDGw==
GET H2	200	mastercard-icon.png www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/	2 KB 2 KB	175ms 167ms	Image image/png	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/mastercard-icon.png Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash f9ab57794678161d2d2ac4d2ce04318b7955952034ac8adbcb5ea8b4c22beedb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=31536000 last-modified Thu, 17 Sep 2020 20:04:57 GMT server nginx etag "716-5af87e5fd368e" content-type image/png accept-ranges bytes content-length 1814
GET H2	200	visa-icon.png www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/	1 KB 1 KB	175ms 168ms	Image image/png	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/visa-icon.png Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash a0ed93538d553de0b30a088d67ca591e9fef1b11a6debe88febd330cec63aa98 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=31536000 last-modified Thu, 17 Sep 2020 20:04:58 GMT server nginx etag "44f-5af87e60748b3" content-type image/png accept-ranges bytes content-length 1103
GET H2	200	elo-icon.png www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/	47 KB 48 KB	176ms 168ms	Image image/png	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/elo-icon.png Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash b375b48e134fec2402ff388b9b23d62dbaf8eef9eb62c3c1bab37c87e46eaea6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=31536000 last-modified Wed, 23 Sep 2020 19:19:44 GMT server nginx etag "bced-5affff759e5fe" content-type image/png accept-ranges bytes content-length 48365
GET H2	200	americanexpress-icon.png www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/	1 KB 1 KB	178ms 171ms	Image image/png	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/americanexpress-icon.png Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 19609aa64b880dfc0b1ea3a291463be2dec5e4d22303c1d53d453b60df9528d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=31536000 last-modified Thu, 17 Sep 2020 20:04:56 GMT server nginx etag "4f6-5af87e5ec6da6" content-type image/png accept-ranges bytes content-length 1270
GET H2	200	hiper-icon.png www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/	12 KB 12 KB	180ms 174ms	Image image/png	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/hiper-icon.png Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash cc0760819afe0c996427d1e1429e9dbdb3aef2db321b1e986e2b6e7fbef68c4d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=31536000 last-modified Wed, 23 Sep 2020 19:18:09 GMT server nginx etag "30e0-5affff1a5fc4d" content-type image/png accept-ranges bytes content-length 12512
GET H2	200	hipercard-icon.png www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/	197 KB 198 KB	183ms 177ms	Image image/png	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/hipercard-icon.png Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 2a7f30739078b5aa52a165a79901c9fe2544f9070912ac7b023d00c863ea5958 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=31536000 last-modified Wed, 23 Sep 2020 19:20:41 GMT server nginx etag "3139d-5affffabda496" content-type image/png accept-ranges bytes content-length 201629
GET H2	200	boleto.png www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/	6 KB 7 KB	252ms 245ms	Image image/png	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/img/payment-icons/boleto.png Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash dcb6af39999191ad90590275deb0ca016e2c52bbe59bd9cac143c12b83415745 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=31536000 last-modified Thu, 17 Sep 2020 20:04:56 GMT server nginx etag "198e-5af87e5ec5e06" content-type image/png accept-ranges bytes content-length 6542
GET H2	200	ssl-logo.png www.qflor.com.br/wp-content/themes/qflor/assets/img/footer-icons/	25 KB 26 KB	212ms 205ms	Image image/png	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/img/footer-icons/ssl-logo.png Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 576e08e962c15b3ebe6c50a65365653a4cbba2dfaec2a6062fa3894cb4d86c26 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=31536000 last-modified Wed, 23 Sep 2020 18:44:07 GMT server nginx etag "6597-5afff77effef5" content-type image/png accept-ranges bytes content-length 26007
GET H2	200	ssl-transaction-logo.png www.qflor.com.br/wp-content/themes/qflor/assets/img/footer-icons/	129 KB 130 KB	253ms 246ms	Image image/png	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/img/footer-icons/ssl-transaction-logo.png Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash c7843f75bc73da65c75017ebfda617c364b77f5c0c9812b8dadef0e832ee28cd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=31536000 last-modified Wed, 23 Sep 2020 18:55:42 GMT server nginx etag "204ae-5afffa15fc14e" content-type image/png accept-ranges bytes content-length 132270
GET H3	200	email-decode.min.js Show response fxwinning-login-acess.ga/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	31ms 31ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fxwinning-login-acess.ga/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Nov 2022 13:35:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"637cd00d-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc%2Fx2rxFzaEKzFVgxyrUkfHQnyMVvUbHpDmMVkrbR6q8fr7HaSjBXiZx8BdyK%2FgRsNm3ERfjLUXfc%2FZb18nDsgdhuIqClqaOVu9rRHUCnBP%2FdIkByd3z%2BKXOP%2FlfrHLRbTJnsgvGD9wFw6Lgyaygc30BtC%2B1SsU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 76fe212d0b9eb706-AMS expires Sun, 27 Nov 2022 23:23:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	135 KB 52 KB	619ms 46ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-6491068917 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c66862d16a8dd01aede2016577b6ce55707fc77937c87a13f33db474bc35bfba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52991 x-xss-protection 0 last-modified Fri, 25 Nov 2022 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 25 Nov 2022 23:23:00 GMT
GET H2	200	trustindex-google-widget.css www.qflor.com.br/wp-content/uploads/	13 KB 3 KB	98ms 97ms	Stylesheet text/css	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/uploads/trustindex-google-widget.css?ver=1661172851 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash bae8259dffe108cb5d4f8f55c2be76816e3fd02ff7dc25bd19939c4a032f07b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:54:11 GMT server nginx etag "3517-5e6d3f1b6bf5e-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2706
GET H2	200	photon.min.js Show response c0.wp.com/p/jetpack/11.2/_inc/build/photon/	685 B 417 B	34ms 22ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/11.2/_inc/build/photon/photon.min.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 07 Dec 2021 16:56:47 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:23:00 GMT
GET H2	200	jquery.selectBox.min.js Show response www.qflor.com.br/wp-content/plugins/yith-woocommerce-wishlist/assets/js/	15 KB 4 KB	112ms 98ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 9ed8f2a0e573467348e64fb1945eeac1698f32af9e9c723153eb7142d6a43306 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:35 GMT server nginx etag "3a4f-5e56f37534713-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 3780
GET H2	200	jquery.prettyPhoto.min.js Show response www.qflor.com.br/wp-content/plugins/woocommerce/assets/js/prettyPhoto/	21 KB 6 KB	113ms 99ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash c0f874276d38c6d9e43767d76a15de39506461b268a3cbf19fc8218f3ec8631a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:51:45 GMT server nginx etag "533e-5e6d3e9062dbc-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 5746
GET H2	200	jquery.yith-wcwl.min.js Show response www.qflor.com.br/wp-content/plugins/yith-woocommerce-wishlist/assets/js/	24 KB 7 KB	113ms 100ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.12.0 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash a692f16cca3d27ae6772b85e05c46d117ca45678783d5ee010df7d67e8f12485 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:35 GMT server nginx etag "6177-5e56f37534713-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 6626
GET H2	200	frontend.js Show response www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/js/	51 KB 8 KB	117ms 104ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/js/frontend.js?ver=5.3.3 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 1eccad2fb12198c833f3c5abf0a732bfbbf23f7f94ddcafa1f2f3c19c9c3f145 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:53:26 GMT server nginx etag "cc44-5e6d3ef090daf-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 8251
GET H2	200	colcade.js Show response www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/js/	10 KB 3 KB	112ms 98ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/js/colcade.js?ver=5.3.3 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 1f75584451d1806af31c524aed578b1efabe9eafcb303b835f5735d20da2e07d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:53:26 GMT server nginx etag "2886-5e6d3ef090daf-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 3141
GET H2	200	regenerator-runtime.min.js Show response c0.wp.com/c/5.9.5/wp-includes/js/dist/vendor/	6 KB 2 KB	37ms 24ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9.5/wp-includes/js/dist/vendor/regenerator-runtime.min.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Mon, 15 Nov 2021 16:35:13 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:23:00 GMT
GET H2	200	wp-polyfill.min.js Show response c0.wp.com/c/5.9.5/wp-includes/js/dist/vendor/	19 KB 7 KB	38ms 25ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9.5/wp-includes/js/dist/vendor/wp-polyfill.min.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Mon, 15 Nov 2021 12:50:17 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:23:00 GMT
GET H2	200	index.js Show response www.qflor.com.br/wp-content/plugins/contact-form-7/includes/js/	21 KB 7 KB	113ms 100ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 32dd00604df8db3415240d450341558b6827b1e02dc0f211d8a6d9a4287c522e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:53:22 GMT server nginx etag "5591-5e6d3eeca6dd8-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 6564
GET H2	404	9206011.js js.hs-scripts.com/	0 0	714ms 141ms	Script application/json	2606:4700::6811:d5cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/9206011.js?ver=6.8.0 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers
GET H2	200	site_main.js Show response www.qflor.com.br/wp-content/plugins/woo-discount-rules/v2/Assets/Js/	9 KB 2 KB	113ms 101ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/woo-discount-rules/v2/Assets/Js/site_main.js?ver=2.4.4 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 9d58be93d455eb9e641052f86b28d51a1c47c3283679fd12e5ec457cf2f40161 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:52:08 GMT server nginx etag "25cf-5e6d3ea61aa20-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1578
GET H2	200	awdr-dynamic-price.js Show response www.qflor.com.br/wp-content/plugins/woo-discount-rules/v2/Assets/Js/	3 KB 1 KB	113ms 101ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/woo-discount-rules/v2/Assets/Js/awdr-dynamic-price.js?ver=2.4.4 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash cb8528f82c58653ab48a3c62c296c0e5b8483ab9d53a435d1372d401fd2a63d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:52:08 GMT server nginx etag "bed-5e6d3ea61aa20-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 829
GET H2	200	gtm4wp-form-move-tracker.js Show response www.qflor.com.br/wp-content/plugins/duracelltomi-google-tag-manager/js/	1 KB 585 B	114ms 102ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:18 GMT server nginx etag "5a9-5e56f3647c033-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 362
GET H2	200	dismiss.js Show response www.qflor.com.br/wp-content/plugins/genesis-blocks/dist/assets/js/	923 B 695 B	114ms 102ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/genesis-blocks/dist/assets/js/dismiss.js?ver=1659640697 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash ab326900e21f10d902070c93ca7824fb7f14e0901179b86631421e6bc4aaf257 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:17 GMT server nginx etag "39b-5e56f363f637f-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 472
GET H2	200	mailchimp-woocommerce-public.min.js Show response www.qflor.com.br/wp-content/plugins/mailchimp-for-woocommerce/public/js/	7 KB 2 KB	175ms 163ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.2.01 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e23064f0de65944686ada90242a58d8c0de5ed90225c573b883640d315104c04 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:22 GMT server nginx etag "1ac6-5e56f368323e1-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2171
GET H2	200	hoverIntent.min.js Show response c0.wp.com/c/5.9.5/wp-includes/js/	1 KB 723 B	37ms 25ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9.5/wp-includes/js/hoverIntent.min.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 491ee20092ce969e6785601ae4595748d4ac5ee4df19012b19b77de6c9dfd357 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Mon, 03 Jan 2022 15:03:18 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:23:00 GMT
GET H2	200	superfish.min.js Show response www.qflor.com.br/wp-content/themes/genesis/lib/js/menu/	4 KB 2 KB	160ms 149ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.10 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash ece565a1f66a32347dfed83562c428ff7736648de72b0027dd8f0e0f27e0c327 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 12 Jan 2021 20:15:37 GMT server nginx etag "1193-5b8b9af93a97b-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1894
GET H2	200	superfish.args.min.js Show response www.qflor.com.br/wp-content/themes/genesis/lib/js/menu/	132 B 354 B	176ms 165ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=3.3.3 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 20550f7bcb2a817ac9a5879e04260da8268e971c0b8031a6b7a2f48a55ee60d5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 12 Jan 2021 20:15:37 GMT server nginx etag "84-5b8b9af93a97b-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 132
GET H2	200	skip-links.min.js Show response www.qflor.com.br/wp-content/themes/genesis/lib/js/	386 B 474 B	175ms 164ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/themes/genesis/lib/js/skip-links.min.js?ver=3.3.3 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash ade38136058fcd75880d3673855aff859ee377d5915e59cccf24a973d418bebb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 12 Jan 2021 20:15:37 GMT server nginx etag "182-5b8b9af93b91b-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 251
GET H2	200	main.js Show response www.qflor.com.br/wp-content/themes/qflor/assets/js/	190 KB 49 KB	265ms 254ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/js/main.js?ver=5.9.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash cb228f980b28faa1f1f5abe75d490eee1e2d36a9741973702c7ed9a3f672873d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 17 Sep 2020 20:04:47 GMT server nginx etag "2f6b7-5af87e5655b43-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 50225
GET H2	200	joinchat.min.js Show response www.qflor.com.br/wp-content/plugins/creame-whatsapp-me/public/js/	8 KB 3 KB	176ms 165ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.5.9 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 5aa00b165dddb07de04c294eba71d10752500719a994595af24c0eb691ca03ec Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:21 GMT server nginx etag "1f3c-5e56f3679adea-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2698
GET H2	200	responsive-menus.min.js Show response www.qflor.com.br/wp-content/themes/genesis/lib/js/menu/	4 KB 2 KB	177ms 166ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/themes/genesis/lib/js/menu/responsive-menus.min.js?ver=1.1.3 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash ce0e81b6a3315a2bc4da2c35329f773884b8c7a8896070c590af3462951e0a2a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Tue, 12 Jan 2021 20:15:37 GMT server nginx etag "e5c-5b8b9af93a97b-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1420
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 650 B	654ms 76ms	Script text/javascript	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LeHoM8ZAAAAAOUmzSHBBA2ZZN69TTKOp9uqlcIE&ver=3.0 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e1b33aeebd0296215cbd4578e3f10649685c6cea169b373bf37fef58d10a1704 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 585 x-xss-protection 1; mode=block expires Fri, 25 Nov 2022 23:23:00 GMT
GET H2	200	index.js Show response www.qflor.com.br/wp-content/plugins/contact-form-7/modules/recaptcha/	999 B 730 B	176ms 166ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.2 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:53:22 GMT server nginx etag "3e7-5e6d3eeca5e38-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 507
GET H2	200	maxmegamenu.js Show response www.qflor.com.br/wp-content/plugins/megamenu/js/	30 KB 5 KB	181ms 171ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.8 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash d205d2093a3411531f600e78e152f0c86aca40ba64edf7d7d1c995215c23fab8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 22 Aug 2022 12:53:37 GMT server nginx etag "7741-5e6d3efb13623-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 4877
GET H2	200	search.min.js Show response www.qflor.com.br/wp-content/plugins/ajax-search-for-woocommerce/assets/js/	57 KB 15 KB	263ms 253ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.19.0 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash fbceade83c7e3eb32d8b301742877f61d7216092242200ab42022833030522e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:17 GMT server nginx etag "e49c-5e56f36338c22-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 15460
GET H2	200	js_composer_front.min.js Show response www.qflor.com.br/wp-content/plugins/js_composer/assets/js/dist/	20 KB 6 KB	178ms 169ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Wed, 13 Jan 2021 21:11:26 GMT server nginx etag "5079-5b8ce950b2f44-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 5818
GET H2	200	loader.js Show response cdn.trustindex.io/	21 KB 6 KB	609ms 35ms	Script application/javascript	2600:9000:20eb:9e00:9:1645:9cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.trustindex.io/loader.js?ver=5.9.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9e00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 722f2b1eb4a0debe95c8647365eebb2afec75e68a13b7a56c7315199b004f3f6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 16:40:39 GMT content-encoding gzip via 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 cross-origin-embedder-policy require-corp age 24145 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 5996 referrer-policy origin last-modified Thu, 24 Nov 2022 09:00:10 GMT server Apache/2.4.29 (Ubuntu) etag "55e5-5ee33a1e8aa8e-gzip" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * accept-ranges bytes access-control-allow-headers origin, x-requested-with, content-type x-amz-cf-id uGm0waCUTK2YLSioujpE-Kb9bvVhJhdszUBQGjP0ZGuH7_IFNQ0DhQ==
GET H2	200	akismet-frontend.js Show response www.qflor.com.br/wp-content/plugins/akismet/_inc/	9 KB 3 KB	258ms 252ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1659640693 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 92d6cc26916cd66aa6baa7829955829200236292f68561c1c0fc44cbf970b28d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 04 Aug 2022 19:18:13 GMT server nginx etag "23ce-5e56f36010229-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2653
GET H2	200	e-202247.js Show response stats.wp.com/	9 KB 3 KB	571ms 25ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202247.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br server nginx etag W/"62f6b688-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Mon, 13 Nov 2023 03:57:30 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	887 B 998 B	623ms 47ms	Script text/javascript	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LdiAKwcAAAAAModyIt8U6LDmU_b3hiVUzc9ULeH&hl=pt-BR Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 09a4f730512e8b4b7e0e0651c95afe216bbb4dd0caf66e5bdbd7a562a02876b9 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 585 x-xss-protection 1; mode=block expires Fri, 25 Nov 2022 23:23:00 GMT
GET H2	200	wp-emoji-release.min.js Show response www.qflor.com.br/wp-includes/js/	18 KB 5 KB	259ms 254ms	Script application/javascript	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 22 Jul 2021 17:25:55 GMT server nginx etag "4705-5c7b99458cacc-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 4930
GET H2	200	woocommerce-smallscreen.css c0.wp.com/p/woocommerce/6.8.0/assets/css/	7 KB 1 KB	30ms 25ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/woocommerce/6.8.0/assets/css/woocommerce-smallscreen.css Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=15552000 last-modified Tue, 16 Feb 2021 23:11:32 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * expires Sat, 25 Nov 2023 23:23:00 GMT
GET H/1.1	200 OK	library.js Show response qflorcombr.api.oneall.com/socialize/	45 KB 13 KB	480ms 45ms	Script text/javascript	136.243.63.184 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://qflorcombr.api.oneall.com/socialize/library.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.63.184 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS xip08.oneall.com Software nginx / Resource Hash 287d89be777cd4336db63fb00a2a20aa1c1ebee34b9a900c057068893fa23c6d Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Pragma private Date Fri, 25 Nov 2022 23:23:00 GMT Content-Encoding gzip Last-Modified Wed, 02 Sep 2020 19:38:29 GMT Server nginx X-Forwarded-Target xwhiskey.oneall.com Vary Accept-Encoding P3P CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" Content-Type text/javascript; charset=UTF-8 Cache-Control max-age=14400, private Connection keep-alive Content-Length 12454 X-Cached HIT Expires Sat, 26 Nov 2022 03:22:44 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	94 KB 37 KB	90ms 89ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TF7S6QQ Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 412cb07d6a4a88b173634d823ac91c2ae748cf82aa2e9547ebf64b8229a7e896 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37717 x-xss-protection 0 last-modified Fri, 25 Nov 2022 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 25 Nov 2022 23:23:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	103 KB 28 KB	143ms 45ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 25 Nov 2022 23:23:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27340 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug cpuKCwEMtzRvh7S14g2utaoXaZxcI7eVCq9+/yODMc72xDHd0CFbu0FpzdhZOdth7ELaywgE6dwbREKMU6vY0g== x-fb-trip-id 2050670934 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	639ms 76ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=5.9.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fxwinning-login-acess.ga accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 17:08:09 GMT x-content-type-options nosniff age 281691 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 Nov 2023 17:08:09 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	597ms 34ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=5.9.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fxwinning-login-acess.ga accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 09:59:57 GMT x-content-type-options nosniff age 48183 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 25 Nov 2023 09:59:57 GMT
GET		icomoon.ttf www.qflor.com.br/wp-content/themes/qflor/assets/css/fonts/	0 0
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 fonts.gstatic.com/s/robotocondensed/v25/	15 KB 15 KB	629ms 66ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=5.9.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fxwinning-login-acess.ga accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 01:24:32 GMT x-content-type-options nosniff age 165508 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15700 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:51:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 24 Nov 2023 01:24:32 GMT
GET H2	200	ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 fonts.gstatic.com/s/robotocondensed/v25/	15 KB 15 KB	644ms 106ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRoboto+Condensed%3A400%2C700&ver=5.9.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fxwinning-login-acess.ga accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 22:18:51 GMT x-content-type-options nosniff age 263049 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15660 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:42:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 Nov 2023 22:18:51 GMT
GET H2	200	star.woff c0.wp.com/p/woocommerce/6.8.0/assets/fonts/	1 KB 1 KB	74ms 24ms	Font application/octet-stream	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/woocommerce/6.8.0/assets/fonts/star.woff Requested by Host: c0.wp.com URL: https://c0.wp.com/p/woocommerce/6.8.0/assets/css/woocommerce.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash d87af7a2528beb59a990e0414df87b4e4115f77f3a4a750f6616ff189b70345a Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://c0.wp.com/p/woocommerce/6.8.0/assets/css/woocommerce.css Origin https://fxwinning-login-acess.ga accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 2 date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=15552000 last-modified Wed, 23 May 2018 15:30:10 GMT server nginx access-control-allow-methods GET, HEAD content-type application/octet-stream access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * content-length 1304 expires Sat, 25 Nov 2023 23:23:00 GMT
GET H2	200	GH000706_V1_cover_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/09/	20 KB 20 KB	561ms 81ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/09/GH000706_V1_cover_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 9e50df78821e663951d5f0943b1ff5e3ebe23510ae3e2db2d09bc01cbb22b505 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 4 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "fc93e4db4429722f" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2021/09/GH000706_V1_cover_wp.jpg>; rel="canonical" content-length 20362 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	GH000706_V4_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/09/	16 KB 17 KB	561ms 81ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/09/GH000706_V4_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash f502b512f39b6dcc4f21c9b2b58fcf4618c390e5da40822795f88320cdab24f3 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 6 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "f58030bd6f9b90dd" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2021/09/GH000706_V4_wp.jpg>; rel="canonical" content-length 16750 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	EP000533_V1_cover_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/03/	11 KB 11 KB	578ms 98ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/03/EP000533_V1_cover_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 66d0a2786a4d6b3d0154f117458b056e1ead7961f48330d33c8271639df6ac5f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 1 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "b147ac74b3c0277e" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2022/03/EP000533_V1_cover_wp.jpg>; rel="canonical" content-length 11256 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	EP000533_V4_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/03/	35 KB 35 KB	567ms 86ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/03/EP000533_V4_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 5121451d8f6e8e91b3af931852576748cffa925be773af5fe91ea4e9151c205c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 2 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "ade6a8da9bef9ac9" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2022/03/EP000533_V4_wp.jpg>; rel="canonical" content-length 35894 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	KM000701_V1_cover_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/11/	18 KB 18 KB	627ms 147ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/11/KM000701_V1_cover_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash d563c197851f025d9786078fbc9d000057e178c535af2c73ac245498277aa7fb Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 7 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "c27fbe9a58b15c6e" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2021/11/KM000701_V1_cover_wp.jpg>; rel="canonical" content-length 18516 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	KM000701_V4_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/09/	150 KB 150 KB	680ms 200ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/09/KM000701_V4_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 2c66ad1b0a9d2b51c5174ff02501b5d88585483aecb9e99cab6d196b8f048c4f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 7 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "3b00171621243939" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2021/09/KM000701_V4_wp.jpg>; rel="canonical" content-length 153616 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	LM000101_V1_cover_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/05/	104 KB 104 KB	631ms 151ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/05/LM000101_V1_cover_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash d52fc6c86bfcb9dc8742e9cccc7b1339ad1f993e39eca644f3fa8a40e1b22884 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 3 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "1c3cab019d598993" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2022/05/LM000101_V1_cover_wp.jpg>; rel="canonical" content-length 106162 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	LM000101_V4_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/05/	167 KB 168 KB	673ms 193ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/05/LM000101_V4_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash a3d9707b7e2ad6e4bffd61efddc92a76e20d6018d01422ad75c0d174d8ad8f48 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 4 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "2535aee3ed97797b" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2022/05/LM000101_V4_wp.jpg>; rel="canonical" content-length 171414 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	112 KB 44 KB	573ms 45ms	Fetch application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-172169982-2 Requested by Host: www.qflor.com.br URL: https://www.qflor.com.br/wp-content/plugins/woocommerce-google-adwords-conversion-tracking-tag/js/public/wpm-public.p1.min.js?ver=1.19.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 506b05c602626cc3a4eb319f293ede51236f13119231ae77ba649f40c598b563 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Origin, Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin https://fxwinning-login-acess.ga cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 44735 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 25 Nov 2022 23:23:00 GMT
GET H2	200	EL004001_V1_cover_wp-2.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/03/	13 KB 13 KB	494ms 81ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/03/EL004001_V1_cover_wp-2.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash b5913a17ea12bf9defb75ba88f0b1e8432a43cfc49b0ce02a3d4a17656a12537 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 7 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "cef402acc3e50f37" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2022/03/EL004001_V1_cover_wp-2.jpg>; rel="canonical" content-length 13384 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	EL004001_V4_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/03/	26 KB 26 KB	524ms 111ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2022/03/EL004001_V4_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash a4e0290729916caf6b6ecefa5876a6d0066b280f15bea12c30ca2cf95ec5aa4d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 4 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "cebf210f82ee822d" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2022/03/EL004001_V4_wp.jpg>; rel="canonical" content-length 26512 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	EK000101_V1_cover_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/09/	88 KB 89 KB	599ms 186ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/09/EK000101_V1_cover_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 93e60f86ca496bcc37372fb13debe389ab010cddef7c20accf66b9b16785063b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 1 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "16d527f75844adbb" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2021/09/EK000101_V1_cover_wp.jpg>; rel="canonical" content-length 90620 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	EK000101_V4_wp.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/09/	159 KB 160 KB	439ms 26ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/09/EK000101_V4_wp.jpg?resize=500%2C500&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 4574728a682f2607adc688375e86e178a2f381b31c547313b20f8f695670e97d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc HIT ams 3 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 19:55:42 GMT server nginx etag "43dfbb5284e0cbc5" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2021/09/EK000101_V4_wp.jpg>; rel="canonical" content-length 163232 expires Mon, 25 Nov 2024 07:55:42 GMT
GET H2	200	home-01-e1605575910197.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2019/11/	56 KB 57 KB	90ms 90ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2019/11/home-01-e1605575910197.jpg?fit=600%2C567&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash a3dc564ed30006e8f83f6bb1f142d0b64d4ce867bb0cbe6ab4f01cd5d8d84101 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 8 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "731e263404d5b398" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2019/11/home-01-e1605575910197.jpg>; rel="canonical" content-length 57726 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	flowers-thumb.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2020/09/	14 KB 14 KB	53ms 52ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2020/09/flowers-thumb.jpg?w=200&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 62583f017ba4f3193e8796545c96e3222b79609ad9d7d9492428ab7f3e1aa064 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 7 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "22886abdcd8a9a8f" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2020/09/flowers-thumb.jpg>; rel="canonical" content-length 14044 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H/1.1	206 Partial Content	pollendrop.m4v www.pollendrop.com/images/uploads/videos/	1 MB 1 MB	111ms 38ms	Media video/mp4	46.183.8.5 UK-34SP-AS
General Check archive.org Show headers Download Go to Full URL https://www.pollendrop.com/images/uploads/videos/pollendrop.m4v Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.183.8.5 , United Kingdom, ASN41357 (UK-34SP-AS, GB), Reverse DNS Software Apache / Resource Hash fabc581383ed661f0d0c3313e2ef50a0620695bd8112a9f1fd128a4b9bfb5e3a Request headers Referer https://fxwinning-login-acess.ga/ Accept-Encoding identity;q=1, *;q=0 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Range bytes=0- Response headers Date Fri, 25 Nov 2022 23:23:00 GMT Last-Modified Wed, 21 Nov 2018 21:50:34 GMT Server Apache ETag "134f7d-57b33bd5b9e80" Content-Type video/mp4 Content-Range bytes 0-1265532/1265533 Cache-Control max-age=2592000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1265533 Expires Sun, 25 Dec 2022 23:23:00 GMT
GET		symbol-defs.svg www.qflor.com.br/wp-content/plugins/simple-social-icons/	0 0
GET		symbol-defs.svg www.qflor.com.br/wp-content/plugins/simple-social-icons/	0 0
GET H/1.1	200 OK	00e6587ad7abffd67421d1adf.js Show response chimpstatic.com/mcjs-connected/js/users/33c17b595be48a69df518bfe0/	2 KB 1 KB	253ms 142ms	Script application/javascript	96.16.131.108 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://chimpstatic.com/mcjs-connected/js/users/33c17b595be48a69df518bfe0/00e6587ad7abffd67421d1adf.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.16.131.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-131-108.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers X-EdgeConnect-Origin-MEX-Latency 97 Date Fri, 25 Nov 2022 23:23:00 GMT Content-Encoding gzip x-amz-request-id CA6RX8HTERTHVVV2 X-EdgeConnect-MidMile-RTT 0 Connection keep-alive Content-Length 653 x-amz-id-2 T7HGu1kDpUC6eDnWtL10ieVXDxgWSD/Wi9OngEymgz5JwmVhCS5jznCBSa+ISH+0hop37eDot8w= Last-Modified Wed, 26 Jan 2022 00:56:18 GMT Server AmazonS3 ETag "4b60d3ea13c42468679685c32a1680ac" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=1781 Accept-Ranges bytes Expires Fri, 25 Nov 2022 23:52:41 GMT
GET H2	200	f.svg cdn.trustindex.io/assets/platform/Google/star/	2 KB 1 KB	36ms 35ms	Image image/svg+xml	2600:9000:20eb:9e00:9:1645:9cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.trustindex.io/assets/platform/Google/star/f.svg Requested by Host: www.qflor.com.br URL: https://www.qflor.com.br/wp-content/uploads/trustindex-google-widget.css?ver=1661172851 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9e00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash fd0a18f717ca19bcbca32a12434f22221709c6297fab91466d2bdb2b21cc0287 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.qflor.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 08 Nov 2022 06:41:41 GMT content-encoding gzip via 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 cross-origin-embedder-policy require-corp age 1528879 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin referrer-policy origin last-modified Tue, 22 Feb 2022 22:43:27 GMT server Apache/2.4.29 (Ubuntu) etag W/"6be-5d8a313da09a9" vary Accept-Encoding access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-headers origin, x-requested-with, content-type x-amz-cf-id ZYq9XMj6Ss14BEqum3qAa-VVqhK3SVU11WS5xJUYa6EEBEGqsYYUZA==
GET H2	200	h.svg cdn.trustindex.io/assets/platform/Google/star/	2 KB 1 KB	38ms 37ms	Image image/svg+xml	2600:9000:20eb:9e00:9:1645:9cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.trustindex.io/assets/platform/Google/star/h.svg Requested by Host: www.qflor.com.br URL: https://www.qflor.com.br/wp-content/uploads/trustindex-google-widget.css?ver=1661172851 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9e00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 7d231298172a98e3e3e29a738618542f1031d9ae25024717304c02d2f3ef1ccd Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.qflor.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 06:18:14 GMT content-encoding gzip via 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 cross-origin-embedder-policy require-corp age 1271086 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin referrer-policy origin last-modified Tue, 22 Feb 2022 22:43:27 GMT server Apache/2.4.29 (Ubuntu) etag W/"758-5d8a313da09a9" vary Accept-Encoding access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-headers origin, x-requested-with, content-type x-amz-cf-id h7qdeHzMrp3s8RtNnE5K2EITgnLIDB_IT1c8_Woyyl2znreVvi2mJw==
GET H2	200	icon.svg cdn.trustindex.io/assets/platform/Google/	742 B 1 KB	37ms 35ms	Image image/svg+xml	2600:9000:20eb:9e00:9:1645:9cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.trustindex.io/assets/platform/Google/icon.svg Requested by Host: www.qflor.com.br URL: https://www.qflor.com.br/wp-content/uploads/trustindex-google-widget.css?ver=1661172851 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9e00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash c67cd82de676ba29b89c52107c0aae12094c774c2e0bb179f32888a3dbc3da42 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.qflor.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Sun, 06 Nov 2022 11:49:11 GMT via 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 cross-origin-embedder-policy require-corp age 1683229 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 742 referrer-policy origin last-modified Tue, 22 Feb 2022 22:43:27 GMT server Apache/2.4.29 (Ubuntu) etag "2e6-5d8a313da09a9" access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, public accept-ranges bytes access-control-allow-headers origin, x-requested-with, content-type x-amz-cf-id KLjSz5nDsrZrBQhL2Xs7IZxTG86hX3H_W-aPYk9UZQwNyA0zo0_cZQ==
GET H2	200	e.svg cdn.trustindex.io/assets/platform/Google/star/	2 KB 1 KB	37ms 36ms	Image image/svg+xml	2600:9000:20eb:9e00:9:1645:9cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.trustindex.io/assets/platform/Google/star/e.svg Requested by Host: www.qflor.com.br URL: https://www.qflor.com.br/wp-content/uploads/trustindex-google-widget.css?ver=1661172851 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9e00:9:1645:9cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 40493331339b9b05a6247618ea79defbb549b08fe55054d57d4e2de00d8e0ab3 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.qflor.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 04 Nov 2022 15:02:33 GMT content-encoding gzip via 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 cross-origin-embedder-policy require-corp age 1844427 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin referrer-policy origin last-modified Tue, 22 Feb 2022 22:43:27 GMT server Apache/2.4.29 (Ubuntu) etag W/"6bf-5d8a313da09a9" vary Accept-Encoding access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-headers origin, x-requested-with, content-type x-amz-cf-id kIxxm4ezYtRLHnX29OE4OrgvfwyZ9MUJ71M_zn1NawmqVcJaOzSa2A==
GET H2	200	highlight-newsletter-bg.png www.qflor.com.br/wp-content/themes/qflor/assets/img/structure/	89 KB 89 KB	161ms 156ms	Image image/png	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/themes/qflor/assets/img/structure/highlight-newsletter-bg.png Requested by Host: www.qflor.com.br URL: https://www.qflor.com.br/wp-content/themes/qflor/assets/css/main.css?ver=5.9.5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 8a923f3bc8285c3bd596ccd70e3219964cc1e71f65f493afaa7b6e99cb8b67e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.qflor.com.br/wp-content/themes/qflor/assets/css/main.css?ver=5.9.5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT strict-transport-security max-age=31536000 last-modified Thu, 17 Sep 2020 20:04:59 GMT server nginx etag "16371-5af87e61d12de" content-type image/png accept-ranges bytes content-length 90993
GET H2	200	plantas-thumb.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2020/09/	12 KB 12 KB	52ms 50ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2020/09/plantas-thumb.jpg?w=200&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 5b184d396ba40a3cd7169bac86b7d1e00e4d996fae55bb8763855e0cdaa6c014 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 3 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "4a03b1d6ad99311c" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2020/09/plantas-thumb.jpg>; rel="canonical" content-length 12648 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	vasos-thumb.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2020/09/	12 KB 12 KB	65ms 63ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2020/09/vasos-thumb.jpg?w=200&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 933db992341ec6992f73b05245e5008b8edc1b3b526550f572f7420c4119e93b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 1 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "755e4f3714384cba" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2020/09/vasos-thumb.jpg>; rel="canonical" content-length 11960 expires Mon, 25 Nov 2024 11:23:00 GMT
GET H2	200	decoracao-thumb.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2020/09/	10 KB 10 KB	64ms 62ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2020/09/decoracao-thumb.jpg?w=200&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash c1f11e71f3a24579373ccd8e5d44b3a263328de4dd07ae0720703d859c829360 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 7 date Fri, 25 Nov 2022 23:23:00 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:00 GMT server nginx etag "d2efd9f4118a8cf5" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2020/09/decoracao-thumb.jpg>; rel="canonical" content-length 10160 expires Mon, 25 Nov 2024 11:23:00 GMT
GET		star.woff www.qflor.com.br/wp-content/plugins/woocommerce/assets/fonts/	0 0
GET		icomoon.woff www.qflor.com.br/wp-content/themes/qflor/assets/css/fonts/	0 0
GET		star.ttf www.qflor.com.br/wp-content/plugins/woocommerce/assets/fonts/	0 0
GET H3	200	js Show response www.googletagmanager.com/gtag/	227 KB 77 KB	213ms 93ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-EQYE14VERM&l=dataLayer&cx=c Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3b78f1c25517fbe5578f54d730c8951fb882137fa90020c23cdb42419098d59b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78448 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 25 Nov 2022 23:23:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	124ms 34ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 25 Nov 2022 21:24:49 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 7091 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Fri, 25 Nov 2022 23:24:49 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	135 KB 52 KB	171ms 58ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-6491068917&l=dataLayer&cx=c Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash abf4642aa5baae64c9ee165283a14cb509999801444981487d08ebac795d2dab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52988 x-xss-protection 0 last-modified Fri, 25 Nov 2022 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 25 Nov 2022 23:23:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	135 KB 52 KB	171ms 59ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-604540400&l=dataLayer&cx=c Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4682ac2798d295ac56ac2ac13d7ee5e912a72bf6a882d2081b2d0c6fc1aac2cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53023 x-xss-protection 0 last-modified Fri, 25 Nov 2022 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 25 Nov 2022 23:23:00 GMT
GET H2	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/	401 KB 161 KB	150ms 72ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__nl.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LeHoM8ZAAAAAOUmzSHBBA2ZZN69TTKOp9uqlcIE&ver=3.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f0344c4ab3396a35d691302a41bc6fe16c2129e7eb330ee77f182b7a2d38f7ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fxwinning-login-acess.ga/ Origin https://fxwinning-login-acess.ga accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 19:58:15 GMT content-encoding gzip x-content-type-options nosniff age 357885 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 164234 x-xss-protection 0 last-modified Mon, 14 Nov 2022 03:01:59 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 21 Nov 2023 19:58:15 GMT
GET H2	200	recaptcha__pt_br.js Show response www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/	401 KB 161 KB	99ms 34ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__pt_br.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LdiAKwcAAAAAModyIt8U6LDmU_b3hiVUzc9ULeH&hl=pt-BR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0985d39b1fe2651fa0d9d7181d82af2f6e523516c9edd5e1d1b97648885e1705 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fxwinning-login-acess.ga/ Origin https://fxwinning-login-acess.ga accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 21:25:02 GMT content-encoding gzip x-content-type-options nosniff age 352678 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 164105 x-xss-protection 0 last-modified Mon, 14 Nov 2022 03:01:59 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 21 Nov 2023 21:25:02 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/	2 KB 2 KB	229ms 76ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/?random=1669418580870&cv=11&fst=1669418580870&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-6491068917 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c7bb2b3a5ca8c45ae4230dab9f490090a8793601110f609a36ff8cb8f78dd9db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 942 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	42ms 25ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=180355822&post=8394&tz=-3&srv=www.qflor.com.br&host=fxwinning-login-acess.ga&ref=&fcp=1160&rand=0.13629790933060626 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers access-control-allow-origin * date Fri, 25 Nov 2022 23:23:00 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H2	200	schema Show response www.qflor.com.br/wp-json/contact-form-7/v1/contact-forms/1662/feedback/	264 B 946 B	1411ms 1411ms	Fetch application/json	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.qflor.com.br/wp-json/contact-form-7/v1/contact-forms/1662/feedback/schema Requested by Host: www.qflor.com.br URL: https://www.qflor.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PHP/7.3.17 Resource Hash 4f9d337b869e57ddcadeb59c86a0973f5cca09ee66428870d12fddf6c7f20736 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept application/json, */*;q=0.1 Referer https://fxwinning-login-acess.ga/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:02 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff x-powered-by PHP/7.3.17 content-length 264 server nginx allow GET access-control-allow-methods OPTIONS, GET, POST, PUT, PATCH, DELETE content-type application/json; charset=UTF-8 access-control-allow-origin https://fxwinning-login-acess.ga access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link vary Origin access-control-allow-credentials true x-robots-tag noindex link <https://www.qflor.com.br/wp-json/>; rel="https://api.w.org/" access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
GET H3	200	identity.js Show response connect.facebook.net/signals/plugins/	64 KB 20 KB	91ms 46ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 25 Nov 2022 23:23:01 GMT document-policy force-load-at-top content-security-policy-report-only default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 20722 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug h7WqT2tJ0N0xmh+G4rX8s3TPhpOWBEZFbhY+4i/O1LptUbluYunMJbE5tGu/AAJlv/7VApu2XHBRFy7w4JzvKw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	601343740558158 Show response connect.facebook.net/signals/config/	293 KB 84 KB	146ms 103ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/601343740558158?v=2.9.89&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fa48b26865893722055373e1e6c06986fe0d40e4c48c88461a2abbad64f9b96a Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 25 Nov 2022 23:23:01 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug p4dYdFOLQoFfYrRGAl0+sZJIfUg9zF5Ud1e5F3v5Mxf01FqFBNy4PY2vb+mJTn+vj+4TWegz1uPv+tnb0Sfblw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	404	admin-ajax.php Show response fxwinning-login-acess.ga/wp-admin/	2 KB 2 KB	78ms 77ms	XHR text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fxwinning-login-acess.ga/wp-admin/admin-ajax.php Requested by Host: c0.wp.com URL: https://c0.wp.com/c/5.9.5/wp-includes/js/jquery/jquery.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e Request headers Accept */* Referer https://fxwinning-login-acess.ga/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 05 Jan 2021 12:14:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwIrFl4sGns64G5d7K6VE9pD0Vp5SlgxQHeofFvVXEIAuSBz3JApO7YxVfxcCm9PCfCTd%2F7B3F2jRgSJLddGaPoirAdc1zmxzv5e1gnH94tegdy%2FP0P93yNpNwm%2B1yFi6SP5RS1ayeeaKJ%2BHkkMGm%2FjzBJe%2BlGA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html x-turbo-charged-by LiteSpeed platform hostinger cf-ray 76fe2133ae8eb706-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	ajax-loader.gif www.qflor.com.br/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/	4 KB 4 KB	100ms 99ms	Image image/gif	104.248.15.163 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.qflor.com.br/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ajax-loader.gif Requested by Host: www.qflor.com.br URL: https://www.qflor.com.br/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ultimate.min.css?ver=3.16.7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.248.15.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.qflor.com.br/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ultimate.min.css?ver=3.16.7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:23:01 GMT strict-transport-security max-age=31536000 last-modified Wed, 13 Jan 2021 21:11:27 GMT server nginx etag "1052-5b8ce95138bf8" content-type image/gif accept-ranges bytes content-length 4178
GET H2	200	banner-1.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2020/09/	564 KB 565 KB	327ms 326ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2020/09/banner-1.jpg?fit=2300%2C1000&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash d977b53204169fb4d527806ad41c1f8c1680a1d2552d782e5f3af1f9ef8d1fad Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 6 date Fri, 25 Nov 2022 23:23:01 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:01 GMT server nginx etag "0b5fca00e0dbc3d9" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2020/09/banner-1.jpg>; rel="canonical" content-length 577548 expires Mon, 25 Nov 2024 11:23:01 GMT
GET H2	200	loja-flores-artificiais-e1623958366492.jpg i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/06/	211 KB 212 KB	979ms 979ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/www.qflor.com.br/wp-content/uploads/2021/06/loja-flores-artificiais-e1623958366492.jpg?fit=1000%2C507&ssl=1 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i2.wp.com Software nginx / Resource Hash 5cb923fdba7886a29f0870edbbffe37e64b3411b383a9430647a6f698dcddb01 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers x-nc MISS ams 4 date Fri, 25 Nov 2022 23:23:02 GMT x-content-type-options nosniff last-modified Fri, 25 Nov 2022 23:23:02 GMT server nginx etag "8d717f282447f3cf" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://www.qflor.com.br/wp-content/uploads/2021/06/loja-flores-artificiais-e1623958366492.jpg>; rel="canonical" content-length 216290 expires Mon, 25 Nov 2024 11:23:02 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/	2 KB 984 B	179ms 111ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/?random=1669418581147&cv=11&fst=1669418581147&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D19623&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-6491068917 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7475b29d54eecf2feb6b638bd168053590487cde7b6da3cf35d7b07354b4a194 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 958 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/	2 KB 983 B	143ms 82ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/?random=1669418581156&cv=11&fst=1669418581156&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D25411&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-6491068917 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash adb7911f1bbb890df57a35cfc1f1aae613e3a7f1c88ffc6231a58cdab43fdd47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 957 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/	2 KB 984 B	152ms 96ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/?random=1669418581160&cv=11&fst=1669418581160&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D20670&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-6491068917 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 121443b871299779b66d12cb41be28246c253af68ccfa309f571186dc56c2dd4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 958 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/	2 KB 985 B	160ms 110ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/?random=1669418581165&cv=11&fst=1669418581165&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D18968&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-6491068917 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a8511e7af53663c6257cde9e1d7f664e65f1fcd009f0c539444088d4cfed162b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 959 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/	2 KB 986 B	125ms 81ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/?random=1669418581169&cv=11&fst=1669418581169&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D24457&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-6491068917 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f1f4d1107473154896e285e365c47b8d1a35d61168a9b3bac4df2846e6237944 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 960 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/	2 KB 985 B	154ms 113ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/6491068917/?random=1669418581176&cv=11&fst=1669418581176&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D20756&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-6491068917 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 62a6c111996fa4da3f4a938ae40d61f3ed0550e7950e1a24c54789ae0ed362ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 959 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 884 B	152ms 34ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 22:40:23 GMT content-encoding gzip x-content-type-options nosniff age 2558 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 859 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 25 Nov 2022 23:40:23 GMT
GET H3	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	151ms 33ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 22:40:23 GMT content-encoding br x-content-type-options nosniff age 2558 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1129 x-xss-protection 0 last-modified Thu, 30 Dec 2021 12:48:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 25 Nov 2022 23:40:23 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	149ms 40ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1771013588&t=pageview&_s=1&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&ul=en-us&de=UTF-8&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUIrAAAAACAAI~&jid=1440094837&gjid=1793955294&cid=973989105.1669418581&tid=UA-172169982-2&_gid=970220173.1669418581&_r=1&gtm=2oub90&z=1673478527 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://fxwinning-login-acess.ga/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fxwinning-login-acess.ga cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/	2 KB 967 B	84ms 83ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/?random=1669418581253&cv=11&fst=1669418581253&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-604540400&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7156bbae24daecabdadde2b21fc3744a1e3c8d06e3fc242c49df598b54ddc2d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 941 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/	2 KB 982 B	86ms 86ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/?random=1669418581272&cv=11&fst=1669418581272&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D19623&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-604540400&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d5e495818e4410425105b5ee01a5068937437965564a4edb1e4f4f6b04639782 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 956 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/	2 KB 980 B	115ms 115ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/?random=1669418581278&cv=11&fst=1669418581278&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D25411&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-604540400&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 447618d2e294ddd27365fe0fbb96e719c4857bcc326be8cd54ed6baeeade3567 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 954 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/	2 KB 982 B	113ms 113ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/?random=1669418581284&cv=11&fst=1669418581284&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D20670&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-604540400&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f05805230fcc030aaeda71b4edfd239a4a9d8f524da7d1afd8ba72a955d9761f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 956 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/	2 KB 982 B	118ms 118ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/?random=1669418581289&cv=11&fst=1669418581289&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D18968&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-604540400&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f22279d1ecc955937493ff3ead2214cfa5ac6bdbb188e876144b0c19599ca9f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 956 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/	2 KB 981 B	148ms 147ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/?random=1669418581293&cv=11&fst=1669418581293&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D24457&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-604540400&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4d6190a6b67aadfa50c80197287bd0af2c6928ae9b6ffeb5630c0d68ccf9249e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 955 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/	2 KB 981 B	84ms 83ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/604540400/?random=1669418581297&cv=11&fst=1669418581297&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&did=dOGY3NW&gdid=dOGY3NW&auid=350772004.1669418581&uaw=0&data=event%3Dview_item_list%3Bid%3D20756&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-604540400&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f97ad7e2c6ef3fdceba59e4845cf1140e861952e6a6f6dd3ba5346c387645134 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 957 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame B880	7 KB 1 KB	127ms 56ms	Document text/html	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHoM8ZAAAAAOUmzSHBBA2ZZN69TTKOp9uqlcIE&co=aHR0cHM6Ly9meHdpbm5pbmctbG9naW4tYWNlc3MuZ2E6NDQz&hl=pt-BR&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=pyvzzl24kx2c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__pt_br.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash fae87544761148511c6fe503c7804085d99b68fd3179c5875a5dec198ec20194 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-MSNbrAQEwDionyiMdW1aag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://fxwinning-login-acess.ga/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 1056 content-security-policy script-src 'report-sample' 'nonce-MSNbrAQEwDionyiMdW1aag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 25 Nov 2022 23:23:01 GMT expires Fri, 25 Nov 2022 23:23:01 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame D44E	7 KB 1 KB	111ms 47ms	Document text/html	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdiAKwcAAAAAModyIt8U6LDmU_b3hiVUzc9ULeH&co=aHR0cHM6Ly9meHdpbm5pbmctbG9naW4tYWNlc3MuZ2E6NDQz&hl=pt-BR&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=vwti85q24go2 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__pt_br.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9eae610839f490c414b8a8c89a7041484e219b06b3dd302d7f662171ea24eeef Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-den_9RIxuganq1he5PWjkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://fxwinning-login-acess.ga/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 1055 content-security-policy script-src 'report-sample' 'nonce-den_9RIxuganq1he5PWjkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 25 Nov 2022 23:23:01 GMT expires Fri, 25 Nov 2022 23:23:01 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	204	collect region1.analytics.google.com/g/	0 353 B	118ms 33ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-EQYE14VERM&gtm=2oeb90&_p=1771013588&_gaz=1&cid=973989105.1669418581&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669418581&sct=1&seg=0&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EQYE14VERM&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fxwinning-login-acess.ga cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	121ms 34ms	Ping text/plain	2a00:1450:400c:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EQYE14VERM&cid=973989105.1669418581&gtm=2oeb90&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EQYE14VERM&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fxwinning-login-acess.ga cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.nl/ads/	42 B 501 B	153ms 42ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EQYE14VERM&cid=973989105.1669418581&gtm=2oeb90&aip=1&z=2084315074 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/6491068917/	42 B 64 B	48ms 47ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/6491068917/?random=1669418580870&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1606482971&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/6491068917/	42 B 108 B	131ms 45ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/6491068917/?random=1669418580870&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1606482971&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 448 B	75ms 33ms	XHR text/plain	2a00:1450:400c:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-172169982-2&cid=973989105.1669418581&jid=1440094837&gjid=1793955294&_gid=970220173.1669418581&_u=YEBAAUIqAAAAACAAI~&z=1123176955 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://fxwinning-login-acess.ga/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Fri, 25 Nov 2022 23:23:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fxwinning-login-acess.ga cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	136ms 40ms	Image text/plain	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=601343740558158&ev=PageView&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&rl=&if=false&ts=1669418581540&cd[source]=woocommerce&cd[version]=6.8.0&cd[pluginVersion]=2.6.21&sw=1600&sh=1200&v=2.9.89&r=stable&a=woocommerce-6.8.0-2.6.21&ec=0&o=30&fbp=fb.1.1669418581531.139837825&it=1669418580978&coo=false&rqm=GET Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 25 Nov 2022 23:23:01 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	/ www.google.com/pagead/1p-user-list/6491068917/	42 B 64 B	48ms 46ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/6491068917/?random=1669418581169&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D24457&fmt=3&is_vtc=1&random=3350510272&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/6491068917/	42 B 108 B	89ms 45ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/6491068917/?random=1669418581169&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D24457&fmt=3&is_vtc=1&random=3350510272&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/6491068917/	42 B 64 B	54ms 52ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/6491068917/?random=1669418581156&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D25411&fmt=3&is_vtc=1&random=3208918344&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/6491068917/	42 B 108 B	92ms 47ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/6491068917/?random=1669418581156&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D25411&fmt=3&is_vtc=1&random=3208918344&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame D44E	52 KB 24 KB	177ms 56ms	Stylesheet text/css	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdiAKwcAAAAAModyIt8U6LDmU_b3hiVUzc9ULeH&co=aHR0cHM6Ly9meHdpbm5pbmctbG9naW4tYWNlc3MuZ2E6NDQz&hl=pt-BR&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=vwti85q24go2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 13:07:51 GMT content-encoding gzip x-content-type-options nosniff age 36910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24262 x-xss-protection 0 last-modified Mon, 14 Nov 2022 03:01:59 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 25 Nov 2023 13:07:51 GMT
GET H3	200	recaptcha__pt_br.js Show response www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame D44E	401 KB 160 KB	215ms 95ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__pt_br.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdiAKwcAAAAAModyIt8U6LDmU_b3hiVUzc9ULeH&co=aHR0cHM6Ly9meHdpbm5pbmctbG9naW4tYWNlc3MuZ2E6NDQz&hl=pt-BR&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=vwti85q24go2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0985d39b1fe2651fa0d9d7181d82af2f6e523516c9edd5e1d1b97648885e1705 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 21:25:02 GMT content-encoding gzip x-content-type-options nosniff age 352679 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 164105 x-xss-protection 0 last-modified Mon, 14 Nov 2022 03:01:59 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 21 Nov 2023 21:25:02 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame B880	52 KB 24 KB	145ms 33ms	Stylesheet text/css	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHoM8ZAAAAAOUmzSHBBA2ZZN69TTKOp9uqlcIE&co=aHR0cHM6Ly9meHdpbm5pbmctbG9naW4tYWNlc3MuZ2E6NDQz&hl=pt-BR&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=pyvzzl24kx2c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 25 Nov 2022 13:07:51 GMT content-encoding gzip x-content-type-options nosniff age 36910 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24262 x-xss-protection 0 last-modified Mon, 14 Nov 2022 03:01:59 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 25 Nov 2023 13:07:51 GMT
GET H3	200	recaptcha__pt_br.js Show response www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame B880	401 KB 160 KB	205ms 94ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__pt_br.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHoM8ZAAAAAOUmzSHBBA2ZZN69TTKOp9uqlcIE&co=aHR0cHM6Ly9meHdpbm5pbmctbG9naW4tYWNlc3MuZ2E6NDQz&hl=pt-BR&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=pyvzzl24kx2c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0985d39b1fe2651fa0d9d7181d82af2f6e523516c9edd5e1d1b97648885e1705 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 21 Nov 2022 21:25:02 GMT content-encoding gzip x-content-type-options nosniff age 352679 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 164105 x-xss-protection 0 last-modified Mon, 14 Nov 2022 03:01:59 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 21 Nov 2023 21:25:02 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/6491068917/	42 B 64 B	49ms 48ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/6491068917/?random=1669418581160&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D20670&fmt=3&is_vtc=1&random=3879530549&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/6491068917/	42 B 154 B	61ms 44ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/6491068917/?random=1669418581160&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D20670&fmt=3&is_vtc=1&random=3879530549&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/6491068917/	42 B 64 B	50ms 44ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/6491068917/?random=1669418581165&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D18968&fmt=3&is_vtc=1&random=2756111563&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/6491068917/	42 B 108 B	56ms 46ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/6491068917/?random=1669418581165&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D18968&fmt=3&is_vtc=1&random=2756111563&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/6491068917/	42 B 64 B	53ms 47ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/6491068917/?random=1669418581147&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D19623&fmt=3&is_vtc=1&random=3229669079&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/6491068917/	42 B 108 B	52ms 48ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/6491068917/?random=1669418581147&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D19623&fmt=3&is_vtc=1&random=3229669079&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/6491068917/	42 B 64 B	50ms 45ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/6491068917/?random=1669418581176&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D20756&fmt=3&is_vtc=1&random=799608896&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/6491068917/	42 B 108 B	52ms 48ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/6491068917/?random=1669418581176&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D20756&fmt=3&is_vtc=1&random=799608896&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/604540400/	42 B 64 B	46ms 44ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/604540400/?random=1669418581253&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1886570161&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/604540400/	42 B 108 B	66ms 62ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/604540400/?random=1669418581253&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1886570161&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/604540400/	42 B 64 B	49ms 47ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/604540400/?random=1669418581272&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D19623&fmt=3&is_vtc=1&random=3403174613&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/604540400/	42 B 108 B	69ms 65ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/604540400/?random=1669418581272&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D19623&fmt=3&is_vtc=1&random=3403174613&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	32ms 32ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1771013588&t=pageview&_s=1&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&ul=en-us&de=UTF-8&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUIrBAAAACAAI~&jid=&gjid=&cid=973989105.1669418581&tid=UA-172169982-2&_gid=970220173.1669418581&gtm=2oub90&did=dOGY3NW&cd1=no&gdid=dOGY3NW&z=422597198 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 02:42:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 74430 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	39ms 33ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1771013588&t=pageview&_s=1&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&ul=en-us&de=UTF-8&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDACUIrBAAAACAAI~&jid=&gjid=&cid=973989105.1669418581&tid=UA-172169982-2&_gid=970220173.1669418581&gtm=2oub90&did=dOGY3NW&gdid=dOGY3NW&z=1472386176 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 02:42:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 74430 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	42ms 35ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1771013588&t=event&ni=1&_s=2&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&ul=en-us&de=UTF-8&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=engagement&ea=view_item_list&_u=6GDACUIrBAAAACAMI~&jid=&gjid=&cid=973989105.1669418581&tid=UA-172169982-2&_gid=970220173.1669418581&gtm=2oub90&did=dOGY3NW&gdid=dOGY3NW&il1nm=Product%20List&il1pi1id=19623&il1pi1nm=Buqu%C3%AA%20de%20Amor%20Perfeito%2022cm%20Artificial%20Marrom%20p%2F%20Decora%C3%A7%C3%A3o&il1pi1ca=Amor%20Perfeito%2FFlores&il1pi1ps=1&z=830849939 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 02:42:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 74430 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	42ms 35ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1771013588&t=event&ni=1&_s=3&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&ul=en-us&de=UTF-8&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=engagement&ea=view_item_list&_u=6GDACUIrBAAAACAMI~&jid=&gjid=&cid=973989105.1669418581&tid=UA-172169982-2&_gid=970220173.1669418581&gtm=2oub90&did=dOGY3NW&gdid=dOGY3NW&il1nm=Product%20List&il1pi1id=25411&il1pi1nm=Buqu%C3%AA%20de%20Rosa%20Flores%20artificiais%20Decorativas%2030cm&il1pi1ca=Flores%2FRosa&il1pi1ps=2&z=2068647373 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 02:42:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 74430 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	42ms 35ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1771013588&t=event&ni=1&_s=4&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&ul=en-us&de=UTF-8&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=engagement&ea=view_item_list&_u=6GDACUIrBAAAACAMI~&jid=&gjid=&cid=973989105.1669418581&tid=UA-172169982-2&_gid=970220173.1669418581&gtm=2oub90&did=dOGY3NW&gdid=dOGY3NW&il1nm=Product%20List&il1pi1id=20670&il1pi1nm=Haste%20de%20G%C3%A9rbera%20Artificial%20Decora%C3%A7%C3%A3o%2060cm&il1pi1ca=Flores%2FG%C3%A9rbera&il1pi1ps=3&z=139980473 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 02:42:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 74430 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	42ms 35ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1771013588&t=event&ni=1&_s=5&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&ul=en-us&de=UTF-8&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=engagement&ea=view_item_list&_u=6GDACUIrBAAAACAMI~&jid=&gjid=&cid=973989105.1669418581&tid=UA-172169982-2&_gid=970220173.1669418581&gtm=2oub90&did=dOGY3NW&gdid=dOGY3NW&il1nm=Product%20List&il1pi1id=18968&il1pi1nm=Buqu%C3%AA%20de%20Mini%20Cam%C3%A9lias%20Artificial%2030cm&il1pi1ca=Cam%C3%A9lia%2FFlores&il1pi1ps=4&z=1609544196 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 02:42:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 74430 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	42ms 35ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1771013588&t=event&ni=1&_s=6&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&ul=en-us&de=UTF-8&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=engagement&ea=view_item_list&_u=6GDACUIrBAAAACAMI~&jid=&gjid=&cid=973989105.1669418581&tid=UA-172169982-2&_gid=970220173.1669418581&gtm=2oub90&did=dOGY3NW&gdid=dOGY3NW&il1nm=Product%20List&il1pi1id=24457&il1pi1nm=Buqu%C3%AA%20de%20Florzinha%20Artificial%2040cm%20Decora%C3%A7%C3%A3o&il1pi1ca=Flores%2FFlorzinha&il1pi1ps=5&z=87306257 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 02:42:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 74430 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	42ms 36ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1771013588&t=event&ni=1&_s=7&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&ul=en-us&de=UTF-8&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=engagement&ea=view_item_list&_u=6GDACUIrBAAAACAMI~&jid=&gjid=&cid=973989105.1669418581&tid=UA-172169982-2&_gid=970220173.1669418581&gtm=2oub90&did=dOGY3NW&gdid=dOGY3NW&il1nm=Product%20List&il1pi1id=20756&il1pi1nm=Buqu%C3%AA%20de%20Capim%20Vanilla%20Artificiais%2039cm&il1pi1ca=Capim%2FPlantas%20e%20Folhagens&il1pi1ps=6&z=735946679 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 02:42:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 74430 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/604540400/	42 B 64 B	54ms 48ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/604540400/?random=1669418581278&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D25411&fmt=3&is_vtc=1&random=3138815431&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/604540400/	42 B 108 B	50ms 43ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/604540400/?random=1669418581278&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D25411&fmt=3&is_vtc=1&random=3138815431&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/604540400/	42 B 64 B	56ms 50ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/604540400/?random=1669418581297&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D20756&fmt=3&is_vtc=1&random=2113539035&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/604540400/	42 B 108 B	53ms 46ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/604540400/?random=1669418581297&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D20756&fmt=3&is_vtc=1&random=2113539035&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/604540400/	42 B 64 B	54ms 49ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/604540400/?random=1669418581284&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D20670&fmt=3&is_vtc=1&random=2883927181&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/604540400/	42 B 108 B	51ms 45ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/604540400/?random=1669418581284&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D20670&fmt=3&is_vtc=1&random=2883927181&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/604540400/	42 B 64 B	52ms 47ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/604540400/?random=1669418581289&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D18968&fmt=3&is_vtc=1&random=182967387&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/604540400/	42 B 108 B	49ms 44ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/604540400/?random=1669418581289&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D18968&fmt=3&is_vtc=1&random=182967387&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/604540400/	42 B 64 B	53ms 48ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/604540400/?random=1669418581293&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D24457&fmt=3&is_vtc=1&random=719476107&rmt_tld=0&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/604540400/	42 B 108 B	48ms 44ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/604540400/?random=1669418581293&cv=11&fst=1669417200000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ffxwinning-login-acess.ga%2F&tiba=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&data=event%3Dview_item_list%3Bid%3D24457&fmt=3&is_vtc=1&random=719476107&rmt_tld=1&ipr=y Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	46ms 46ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-172169982-2&cid=973989105.1669418581&jid=1440094837&_u=YEBAAUIqAAAAACAAI~&z=204949832 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.nl/ads/	42 B 107 B	45ms 44ms	Image image/gif	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-172169982-2&cid=973989105.1669418581&jid=1440094837&_u=YEBAAUIqAAAAACAAI~&z=204949832 Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://fxwinning-login-acess.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:01 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame D44E	2 KB 2 KB	33ms 32ms	Image image/png	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 19:40:09 GMT x-content-type-options nosniff age 99772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Thu, 01 Dec 2022 19:40:09 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D44E	15 KB 15 KB	97ms 31ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdiAKwcAAAAAModyIt8U6LDmU_b3hiVUzc9ULeH&co=aHR0cHM6Ly9meHdpbm5pbmctbG9naW4tYWNlc3MuZ2E6NDQz&hl=pt-BR&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=vwti85q24go2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 19:21:27 GMT x-content-type-options nosniff age 273694 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 Nov 2023 19:21:27 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame B880	2 KB 2 KB	34ms 34ms	Image image/png	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Thu, 24 Nov 2022 19:40:09 GMT x-content-type-options nosniff age 99772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Thu, 01 Dec 2022 19:40:09 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame B880	15 KB 15 KB	76ms 34ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeHoM8ZAAAAAOUmzSHBBA2ZZN69TTKOp9uqlcIE&co=aHR0cHM6Ly9meHdpbm5pbmctbG9naW4tYWNlc3MuZ2E6NDQz&hl=pt-BR&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=pyvzzl24kx2c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Tue, 22 Nov 2022 19:21:27 GMT x-content-type-options nosniff age 273694 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 22 Nov 2023 19:21:27 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame 0024	0 18 B	84ms 40ms	Document text/plain	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: fxwinning-login-acess.ga URL: https://fxwinning-login-acess.ga/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://fxwinning-login-acess.ga Referer https://fxwinning-login-acess.ga/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://fxwinning-login-acess.ga alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Fri, 25 Nov 2022 23:23:02 GMT priority u=0 server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET DATA	200 OK	truncated /	784 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7124300afb79c45a45111f33348a5814dbd0d93064e056d0d6f55225dba53cb1 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	184 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e1683c731fc221890a7931501393191dd495e9f728947656993bf93226a91844 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET		roboto-700.woff2 www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/	0 0
GET		roboto-400.woff2 www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/	0 0
GET		roboto-700.woff www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/	0 0
GET		roboto-400.woff www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/	0 0
GET		roboto-700.ttf www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/	0 0
GET		roboto-400.ttf www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/	0 0
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	81ms 29ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-EQYE14VERM&gtm=2oeb90&_p=1771013588&gdid=dOGY3NW&cid=973989105.1669418581&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1669418581&sct=1&seg=0&dl=https%3A%2F%2Ffxwinning-login-acess.ga%2F&dt=QFlor%20%7C%20Flores%20e%20plantas%20permanentes%20-%20FRETE%20GR%C3%81TIS%20nas%20compras%20acima%20de%20R%24%2050%2C00&_s=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EQYE14VERM&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fxwinning-login-acess.ga/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 25 Nov 2022 23:23:06 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fxwinning-login-acess.ga cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/themes/qflor/assets/css/fonts/icomoon.ttf?l8m82z

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/plugins/simple-social-icons/symbol-defs.svg

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/plugins/simple-social-icons/symbol-defs.svg

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/plugins/woocommerce/assets/fonts/star.woff

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/themes/qflor/assets/css/fonts/icomoon.woff?l8m82z

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/plugins/woocommerce/assets/fonts/star.ttf

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/roboto-700.woff2

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/roboto-400.woff2

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/roboto-700.woff

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/roboto-400.woff

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/roboto-700.ttf

Domain

www.qflor.com.br

URL

https://www.qflor.com.br/wp-content/plugins/customer-reviews-woocommerce/fonts/roboto-400.ttf